Merge pull request #186 from silinternational/develop

Release 9.2.4 - use GitHub Actions

.github/workflows/test-and-publish.yml

@@ -0,0 +1,45 @@
+name: Test and Publish
+
+on:
+  push:
+
+jobs:
+  tests:
+    name: Tests
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+      - name: test
+        run: docker-compose -f actions-services.yml run --rm app ./run-tests.sh
+      - name: check hub metadata for tests
+        run: docker-compose -f actions-services.yml run --rm ssp-hub.local ./run-metadata-tests.sh
+      - name: check idp metadata for tests
+        run: docker-compose -f actions-services.yml run --rm ssp-idp1.local ./run-metadata-tests.sh
+      - name: check sp metadata for tests
+        run: docker-compose -f actions-services.yml run --rm ssp-sp1.local ./run-metadata-tests.sh
+
+  build-and-publish:
+    name: Build and Publish
+    needs: tests
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+      - name: Log in to Docker Hub
+        uses: docker/login-action@v3
+        with:
+          username: ${{ secrets.DOCKERHUB_USERNAME }}
+          password: ${{ secrets.DOCKERHUB_TOKEN }}
+      - name: Extract metadata (tags, labels) for Docker
+        id: meta
+        uses: docker/metadata-action@v5
+        with:
+          images: ${{ vars.DOCKER_ORG }}/idp-id-broker
+      - name: Build and push Docker image
+        uses: docker/build-push-action@v5
+        with:
+          context: .
+          push: true
+          tags: ${{ steps.meta.outputs.tags }}
+          labels: ${{ steps.meta.outputs.labels }}

Dockerfile

@@ -28,15 +28,19 @@ COPY dockerbuild/run-metadata-tests.sh /data/run-tests.sh
 RUN sed -i -E 's@ErrorLog .*@ErrorLog /proc/1/fd/2@i' /etc/apache2/apache2.conf
 
 # get s3-expand
-RUN curl https://raw.githubusercontent.com/silinternational/s3-expand/1.5/s3-expand -o /usr/local/bin/s3-expand \
+RUN curl https://raw.githubusercontent.com/silinternational/s3-expand/1.5/s3-expand -fo /usr/local/bin/s3-expand \
     && chmod a+x /usr/local/bin/s3-expand
 
 WORKDIR /data
 
 # Install/cleanup composer dependencies
 COPY composer.json /data/
 COPY composer.lock /data/
-RUN composer self-update --no-interaction
+# TODO/FIXME: Disabled the self-update due to a breaking change between composer 2.6.6 and 2.7.1 that affects the
+# loading of the simplesamlphp/simplesamlphp/modules folder. The Docker build fails on the sildisco/sspoverrides line.
+# It is not well understood what changed in composer, but since the overrides will need to be redesigned during
+# the SimpleSAMLphp 2.x upgrade, this issue is deferred until then.
+#RUN composer self-update --no-interaction
 RUN composer install --prefer-dist --no-interaction --no-dev --optimize-autoloader --no-scripts --no-progress
 
 # Copy in SSP override files

actions-services.yml

@@ -0,0 +1,103 @@
+version: '3'
+services:
+  app:
+    build: .
+    depends_on:
+      - ssp-hub.local
+      - ssp-idp1.local
+      - ssp-sp1.local
+      - test-browser
+    volumes:
+      - ./dockerbuild/run-integration-tests.sh:/data/run-integration-tests.sh
+      - ./dockerbuild/run-metadata-tests.sh:/data/run-metadata-tests.sh
+      - ./dockerbuild/run-tests.sh:/data/run-tests.sh
+      - ./features:/data/features
+      - ./tests:/data/tests
+
+  test-browser:
+    image: justinribeiro/chrome-headless:stable
+    cap_add:
+      - SYS_ADMIN
+
+  ssp-hub.local:
+    build: .
+    volumes:
+      # Utilize custom certs
+      - ./development/hub/cert:/data/vendor/simplesamlphp/simplesamlphp/cert
+
+      # Utilize custom configs
+      - ./development/hub/config/authsources.php:/data/vendor/simplesamlphp/simplesamlphp/config/authsources.php
+
+      # Utilize custom metadata
+      - ./development/hub/metadata/idp-remote.php:/data/vendor/simplesamlphp/simplesamlphp/metadata/idp-remote.php
+      - ./development/hub/metadata/saml20-idp-hosted.php:/data/vendor/simplesamlphp/simplesamlphp/metadata/saml20-idp-hosted.php
+      - ./development/hub/metadata/saml20-sp-hosted.php:/data/vendor/simplesamlphp/simplesamlphp/metadata/saml20-sp-hosted.php
+      - ./development/hub/metadata/sp-remote.php:/data/vendor/simplesamlphp/simplesamlphp/metadata/sp-remote.php
+
+      # Enable checking our test metadata
+      - ./dockerbuild/run-metadata-tests.sh:/data/run-metadata-tests.sh
+    command: /data/run.sh
+    environment:
+      ADMIN_EMAIL: "[email protected]"
+      ADMIN_PASS: "abc123"
+      SECRET_SALT: "not-secret-h57fjemb&dn^nsJFGNjweJ"
+      IDP_NAME: "Hub"
+      SECURE_COOKIE: "false"
+      ADMIN_PROTECT_INDEX_PAGE: "false"
+      SHOW_SAML_ERRORS: "true"
+      THEME_USE: "material:material"
+      THEME_COLOR_SCHEME: "orange-light_blue"
+      HUB_MODE: "true"
+
+  ssp-idp1.local:
+    build: .
+    volumes:
+      # Utilize custom certs
+      - ./development/idp-local/cert:/data/vendor/simplesamlphp/simplesamlphp/cert
+
+      # Utilize custom configs
+      - ./development/idp-local/config/authsources.php:/data/vendor/simplesamlphp/simplesamlphp/config/authsources.php
+      - ./development/idp-local/config/config.php:/data/vendor/simplesamlphp/simplesamlphp/config/config.php
+
+      # Utilize custom metadata
+      - ./development/idp-local/metadata/saml20-idp-hosted.php:/data/vendor/simplesamlphp/simplesamlphp/metadata/saml20-idp-hosted.php
+      - ./development/idp-local/metadata/saml20-sp-remote.php:/data/vendor/simplesamlphp/simplesamlphp/metadata/saml20-sp-remote.php
+
+      # Misc. files needed
+      - ./development/enable-exampleauth-module.sh:/data/enable-exampleauth-module.sh
+
+      # Enable checking our test metadata
+      - ./dockerbuild/run-metadata-tests.sh:/data/run-metadata-tests.sh
+    command: 'bash -c "/data/enable-exampleauth-module.sh && /data/run.sh"'
+    environment:
+      ADMIN_EMAIL: "[email protected]"
+      ADMIN_PASS: "a"
+      SECRET_SALT: "not-secret-h57fjemb&dn^nsJFGNjweJ"
+      IDP_NAME: "IDP 1"
+      SECURE_COOKIE: "false"
+      SHOW_SAML_ERRORS: "true"
+      THEME_USE: "material:material"
+
+  ssp-sp1.local:
+    build: .
+    volumes:
+      # Utilize custom certs
+      - ./development/sp-local/cert:/data/vendor/simplesamlphp/simplesamlphp/cert
+
+      # Utilize custom configs
+      - ./development/sp-local/config/config.php:/data/vendor/simplesamlphp/simplesamlphp/config/config.php
+      - ./development/sp-local/config/authsources.php:/data/vendor/simplesamlphp/simplesamlphp/config/authsources.php
+
+      # Utilize custom metadata
+      - ./development/sp-local/metadata/saml20-idp-remote.php:/data/vendor/simplesamlphp/simplesamlphp/metadata/saml20-idp-remote.php
+
+      # Enable checking our test metadata
+      - ./dockerbuild/run-metadata-tests.sh:/data/run-metadata-tests.sh
+    environment:
+      ADMIN_EMAIL: "[email protected]"
+      ADMIN_PASS: "sp1"
+      SECRET_SALT: "not-secret-h57fjemb&dn^nsJFGNjweJz1"
+      SECURE_COOKIE: "false"
+      SHOW_SAML_ERRORS: "true"
+      SAML20_IDP_ENABLE: "false"
+      ADMIN_PROTECT_INDEX_PAGE: "false"